HIPAA HITECH Compliance News

HIPAA Willful Neglect Can Cause Bankruptcy

Willful Neglect of HIPAA compliance has caused companies to go bankrupt.  How would you handle a six figure penalty from OCR?

Continue reading…

Demand Quarterly Risk Assessments From BAs

One wonders what would be revealed if all companies accessing ePHI were to do a comprehensive risk assessment today.  How many breaches would be discovered? A breach of nearly 400,000 patient records occurred on a server maintained by a BA.  The breach was discovered by an outside person 11 months after it occurred.

Continue reading…

OCR Steps Up Investigation of Smaller HIPAA Breaches

“We’re doing more investigations of smaller breaches … I think you’re going to see more of that in terms of entities with whom we enter corrective action plans,” reiterated Deven McGraw, Esq., OCR deputy director of health information privacy at the 88th annual American Health Information Management (AHIMA) conference held October 16-19 in Baltimore, MD

Continue reading…

Risk Assessment Critical for MACRA

An up do date risk assessment is a key element in your MIPS Composite Performance Score.  The MACRA Act which was passed with bilateral support in Congress uses the MIPS score to determine reimbursement for practices.

Continue reading…

Storing encrypted ePHI in the Cloud? Still Need HIPAA Compliance

If you create, receive, maintain, or transmit ePHI you are a business associate and must be HIPAA compliant, even if the data is encrypted and you don't have the key.  Thus saith OCR.

Continue reading…

Older Posts


Categories